ftp client (lftp) can't access ftp server (bftpd) due to Anonymous login disable

[Adam]

Hi all,

1. I'm getting the following error when trying to access ftp server (bftpd) from ftp client (lftp)

FTP Client

Code: [Select]

tc@client:~$ lftp 10.0.0.1
lftp 10.0.0.1:~> ls
`ls' at 0 [Delaying before reconnect: 13]
FTP Server Config
/usr/local/etc/bftpd.conf

Code: [Select]

user ftp {
  #Any password fits.
  ANONYMOUS_USER="yes"
  DENY_LOGIN="Anonymous login disabled."
  #ROOTDIR="/path/for/anonymous/user"
}

user anonymous {
  #If the client wants anonymous, ftp is taken instead.
  ALIAS="ftp"
}

user root {
  DENY_LOGIN="Root login not allowed."
}

tcpdump output

Code: [Select]

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on any, link-type LINUX_SLL (Linux cooked), capture size 65535 bytes
21:17:35.364717 IP 10.0.0.2.48322 > 10.0.0.1.21: Flags [S], seq 2905054482, win 29200, options [mss 1460,sackOK,TS val 203245 ecr 0,nop,wscale 7], length 0
21:17:35.364748 IP 10.0.0.1.21 > 10.0.0.2.48322: Flags [S.], seq 2553823927, ack 2905054483, win 28960, options [mss 1460,sackOK,TS val 577383 ecr 203245,nop,wscale 7], length 0
21:17:35.365592 IP 10.0.0.2.48322 > 10.0.0.1.21: Flags [.], ack 1, win 229, options [nop,nop,TS val 203245 ecr 577383], length 0
21:17:35.365931 IP 10.0.0.1.21 > 10.0.0.2.48322: Flags [P.], seq 1:35, ack 1, win 227, options [nop,nop,TS val 577383 ecr 203245], length 34
21:17:35.366623 IP 10.0.0.2.48322 > 10.0.0.1.21: Flags [.], ack 35, win 229, options [nop,nop,TS val 203246 ecr 577383], length 0
21:17:35.366913 IP 10.0.0.2.48322 > 10.0.0.1.21: Flags [P.], seq 1:7, ack 35, win 229, options [nop,nop,TS val 203246 ecr 577383], length 6
21:17:35.366970 IP 10.0.0.1.21 > 10.0.0.2.48322: Flags [.], ack 7, win 227, options [nop,nop,TS val 577384 ecr 203246], length 0
21:17:35.367078 IP 10.0.0.1.21 > 10.0.0.2.48322: Flags [P.], seq 35:55, ack 7, win 227, options [nop,nop,TS val 577384 ecr 203246], length 20
21:17:35.367938 IP 10.0.0.2.48322 > 10.0.0.1.21: Flags [P.], seq 7:23, ack 55, win 229, options [nop,nop,TS val 203246 ecr 577384], length 16
21:17:35.368175 IP 10.0.0.1.21 > 10.0.0.2.48322: Flags [P.], seq 55:77, ack 23, win 227, options [nop,nop,TS val 577384 ecr 203246], length 22
21:17:35.369211 IP 10.0.0.2.48322 > 10.0.0.1.21: Flags [P.], seq 23:35, ack 77, win 229, options [nop,nop,TS val 203246 ecr 577384], length 12
21:17:35.369286 IP 10.0.0.1.21 > 10.0.0.2.48322: Flags [P.], seq 77:138, ack 35, win 227, options [nop,nop,TS val 577384 ecr 203246], length 61
21:17:35.369476 IP 10.0.0.1.21 > 10.0.0.2.48322: Flags [F.], seq 138, ack 35, win 227, options [nop,nop,TS val 577384 ecr 203246], length 0
21:17:35.370533 IP 10.0.0.2.48322 > 10.0.0.1.21: Flags [F.], seq 35, ack 139, win 229, options [nop,nop,TS val 203247 ecr 577384], length 0
21:17:35.370546 IP 10.0.0.1.21 > 10.0.0.2.48322: Flags [.], ack 36, win 227, options [nop,nop,TS val 577385 ecr 203247], length 0
2. Is lftp the only ftp client available on core?

Code: [Select]

tc@box:/$ tce
tce-ab - Tiny Core Extension: Application Browser

S)earch P)rovides K)eywords or Q)uit:
Enter starting chars of desired extension, e.g. abi: ftp

tce - Tiny Core Extension browser

         1. bftpd.tcz
         2. gftp.tcz
         3. lftp-doc.tcz
         4. lftp-locale.tcz
         5. lftp.tcz

Enter selection ( 1 - 5 ) or (q)uit:


[curaga]

I'm not sure what the question is, how to enable anonymous logins, or how to log in with lftp?

The standard "ftp" client is part of inetutils.

[Adam]

I'm not sure what the question is, how to enable anonymous logins, or how to log in with lftp?

Thanks curaga for your response. Both. The goal is to able to access ftp server, with anonymous logins

The standard "ftp" client is part of inetutils.

But standard ftp is not there. That's the reason why I installed lftp

Code: [Select]

tc@box:~$ ftp
-sh: ftp: not found
tc@box:~$

[Misalf]

Hi

Code: [Select]

tce-load -wi inetutils


[curaga]

Remove the "deny_login" line.

[Adam]

Hi

Code: [Select]

tce-load -wi inetutils


I didn't know it has to be installed. Thanks Misalf. "Normal" ftp client is  working now. I guess I can remove lftp.

Code: [Select]

tc@box:~$ tce-load -wi inetutils
inetutils.tcz.dep OK
Downloading: inetutils.tcz
Connecting to repo.tinycorelinux.net (89.22.99.37:80)
inetutils.tcz        100% |*******************************************************************************************************************|   268k  0:00:00 ETA
inetutils.tcz: OK
tc@box:~$
tc@box:~$ ftp
ftp> quit
tc@box:~$

[Adam]

Remove the "deny_login" line.

It works! Thanks curaga 

tc@box:~$ cat /usr/local/etc/bftpd.conf | grep -i anonymous
  ANONYMOUS_USER="yes"
  #DENY_LOGIN="Anonymous login disabled."
  #ROOTDIR="/path/for/anonymous/user"
user anonymous {
  #If the client wants anonymous, ftp is taken instead.
tc@box:~$

[Adam]

I've the following config set on /opt/bootlocal.sh

Code: [Select]

ifconfig eth0 10.1.0.1
ifconfig eth1 10.1.1.1
ifconfig eth2 10.1.2.1
Unfortunately, after installing Inetutils, my host can't get the proper IP Address. This config won't work anymore after Inetutils has been installed. Please advise.

[gerald_clark]

What is your netmask?

[Adam]

What is your netmask?

By default, any linux OS will assign /24 if we don't put netmask in ifconfig command.

Before inetutils

Code: [Select]

tc@box:~$ ifconfig | grep add
eth0      Link encap:Ethernet  HWaddr AA:AA:AA:AA:AA:00
          inet addr:10.1.0.1  Bcast:10.1.0.255  Mask:255.255.255.0
eth1      Link encap:Ethernet  HWaddr AA:AA:AA:AA:AA:01
          inet addr:10.1.1.1  Bcast:10.1.1.255  Mask:255.255.255.0
eth2      Link encap:Ethernet  HWaddr AA:AA:AA:AA:AA:02
          inet addr:10.1.2.1  Bcast:10.1.2.255  Mask:255.255.255.0
          inet addr:127.0.0.1  Mask:255.0.0.0
tc@box:~$

After inetutils & reboot

Code: [Select]

tc@box:~$ ifconfig | grep add
          inet addr:127.0.0.1  Mask:255.0.0.0
tc@box:~$


[curaga]

Try running the commands manually? Busybox versions may work slightly differently vs upstream ones. You can also change your script to call "busybox ifconfig" to always use that version.

[Adam]

Try running the commands manually? Busybox versions may work slightly differently vs upstream ones.

No, doesn't work. The config is actually still there when I run ifconfig eth0, but I can't see any IP when I just run ifconfig. That's mean the IP is somehow not active right.

before inetutils

tc@normal:~$ ifconfig eth0
eth0      Link encap:Ethernet  HWaddr AA:AA:AA:AA:AA:00
          inet addr:10.1.0.1  Bcast:10.1.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:109 errors:0 dropped:0 overruns:0 frame:0
          TX packets:52 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:11428 (11.1 KiB)  TX bytes:11281 (11.0 KiB)

tc@normal:~$

after inetutils

tc@NOTnormal:~$ ifconfig eth0
eth0      Link encap:Ethernet  HWaddr AA:AA:AA:AA:AA:00
          inet addr:10.1.0.1  Bcast:10.1.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 TX bytes:0

tc@NOTnormal:~$

Also, I noticed that all the routing is gone once I installed inetutils and reboot it.

Code: [Select]

tc@box:~$ netstat -nr
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
127.0.0.1       0.0.0.0         255.255.255.255 UH        0 0          0 lo
tc@box:~$

You can also change your script to call "busybox ifconfig" to always use that version.

Yeah, this is working. Thanks curaga I appreciate it. Now I can change my script to add busybox prefix.
May I know what is the explanation behind this?

[patrikg]

Why not just add netmask in command.
Like the command is used for.

Code: (bash) [Select]

ifconfig eth0 10.1.0.1 netmask 255.255.255.0

[Adam]

Why not just add netmask in command.
Like the command is used for.

Code: (bash) [Select]

ifconfig eth0 10.1.0.1 netmask 255.255.255.0

http://forum.tinycorelinux.net/index.php/topic,20799.msg129937.html#msg129937

[gerald_clark]

Actually, the default netmask should be the default for the IP address class.
The default for 10.1.0.1 should be 255.0.0.0